Azure – Resolving Azure Connect Soft Match Issues

Before I get into the details: my problem is clearly different than the one described in this question. I'm running a single Azure Connect instance, so the problem clearly isn't due to multiple sync. In fact, our system is using Azure Connect from the start, so there's no upgrade to speak of.

That said, pretty much every member of our organization had both a local AD account as well as a separate Office365 account. As such, in our case, the Azure Connect has to sync up to existing Azure AD accounts.

The process worked for most of our users; however, 9 accounts remain problematic, and I cannot figure out why.

The error message is pretty "standard":

Nie można zaktualizować tego obiektu, ponieważ następujące atrybuty skojarzone z tym obiektem mają wartości, które mogą już być skojarzone z innym obiektem w lokalnych usługach katalogowych: [Mail user@domain.com;]. Popraw lub usuń zduplikowane wartości w katalogu lokalnym. Więcej informacji na temat identyfikowania obiektów ze zduplikowanymi wartościami atrybutów, można znaleźć w artykule http://support.microsoft.com/kb/2647098.

Tracking Id: GUID
ExtraErrorDetails:
[{"Key":"ObjectIdInConflict","Value":["GUID"]},{"Key":"AttributeConflictName","Value":["Mail"]},{"Key":"AttributeConflictValues","Value":["user@domain.com"]}]

The "friendly" part of the error message is in Polish, but it's the standard "InvalidSoftMatch" error.

Now, I know I'm using soft matching by SMTP address… but the user in question has a clearly defined email (via the email attribute in AD; we don't have a local Exchange to make use of the proxyAddresses attribute). That same user has the exact same SMTP address in Office365 Exchange (as well as a SIP address which is also the same). Needless to say, I can't find any other mentions of this email being used in Exchange online.

As such, I can't figure out why this account isn't being synchronized and keeps throwing the "soft match" error.